[tbb-bugs] #29957 [Applications/Tor Browser]: clicking on "click to play" media leaks URLs via NoScript on-disk preferences
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Apr 6 02:27:54 UTC 2019
#29957: clicking on "click to play" media leaks URLs via NoScript on-disk
preferences
---------------------------------------+-----------------------------------
Reporter: catalyst | Owner: tbb-team
Type: defect | Status: needs_information
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-disk-leak, tbb-newnym | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------------+-----------------------------------
Comment (by cypherpunks):
Replying to [comment:1 gk]:
> I tried to reproduce both issues but failed with a clean Tor Browser
8.0.8 on Windows 7. So, I wonder what goes wrong on the user's computer.
Maybe some extra tools installed are interfering?
I just tried this on my own Windows 7 computer with browser 8.0.8 and it
*does* persist for me. I went to Wikipedia with the slider set to "Safer"
and viewed some videos that were click-to-play. After restarting Tor
Browser and checking the NoScript settings "per-site permissions", the
whitelisted URLs are being shown like this one:
>
https://upload.wikimedia.org/wikipedia/commons/transcoded/0/0a/Comparing_CMEs.ogv/Comparing_CMEs.ogv.480p.vp9.webm
I restarted Tor Browser with New Identity, and I closed and re-opened it,
and I rebooted my computer, so I can *confirm* that this is an issue!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29957#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list